Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 5.1. How do I start programming with Kerberos? Next Document: 5.3. What is SASL? See reader questions & answers on this topic! - Help others by sharing your knowledge GSSAPI is an acronym; it stands for Generic Security Services Application Programming Interface. The GSSAPI is a generic API for doing client-server authentication. The motivation behind it is that every security system has it's own API, and the effort involved with adding different security systems to applications is extremely difficult with the variance between security APIs. However, with a common API, application vendors could write to the generic API and it could work with any number of security systems. How does this relate to Kerberos? Included with most major Kerberos 5 distributions is a GSSAPI implementation. Thus, if a particular application or protocol says that it supports the GSSAPI, then that means that it supports Kerberos, by virtue of Kerberos including a GSSAPI implementation. The relevant standards for GSSAPI include: * RFC 2743 - Generic Security Services Application Program Interface Version 2, Update 1. <http://www.ietf.org/rfc/rfc2743.txt> * RFC 1509 - Generic Security Service API: C-bindings <http://www.ietf.org/rfc/rfc1509.txt> * RFC 1964 - The Kerberos Version 5 GSS-API Mechanism <http://www.ietf.org/rfc/rfc1964.txt> In terms of programming guides, the only one available that I know about is the one from Sun Microsystems. It seems fairly complete and is a excellent starting point: * <http://docs.sun.com:80/ab2/coll.610.1/GSSAPIPG/> User Contributions:Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 5.1. How do I start programming with Kerberos? Next Document: 5.3. What is SASL? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Last Update March 27 2014 @ 02:11 PM
|
Comment about this article, ask questions, or add new information about this topic: